Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2023-20912 | Missing Authorization vulnerability in Google Android 13.0 In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. | 7.8 |
2023-01-26 | CVE-2023-20916 | Missing Authorization vulnerability in Google Android 12.0/12.1 In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. | 7.8 |
2023-01-26 | CVE-2023-22736 | Missing Authorization vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 8.5 |
2023-01-26 | CVE-2023-24431 | Missing Authorization vulnerability in Jenkins Orka BY Macstadium A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2023-01-26 | CVE-2023-24433 | Missing Authorization vulnerability in Jenkins Orka BY Macstadium Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2023-01-26 | CVE-2023-24435 | Missing Authorization vulnerability in Jenkins Github Pull Request Builder A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2023-01-26 | CVE-2023-24436 | Missing Authorization vulnerability in Jenkins Github Pull Request Builder A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2023-01-26 | CVE-2023-24438 | Missing Authorization vulnerability in Jenkins Jira Pipeline Steps A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2023-01-26 | CVE-2023-24448 | Missing Authorization vulnerability in Jenkins Rabbitmq Consumer A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password. | 6.5 |
2023-01-26 | CVE-2023-24451 | Missing Authorization vulnerability in Jenkins Cisco Spark A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |